/**
*
* Function sort out paramaters
* This function creates folders needed when duplicating a template
* @param number $folder_name_id - the id of this template
* @param number $tutorial_id_from_post - the parent template name for the new tutorial
* @version 1.0
* @author Patrick Lockley
*/
function create_new_template($folder_name_id, $parent_template_name)
{
global $dir_path, $new_path, $temp_dir_path, $temp_new_path, $xerte_toolkits_site;
$row_framework = db_query_one("SELECT template_framework from {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails WHERE template_name = ?", array($parent_template_name));
// I think this is wrong, currently looking like : /home/david/src/xerteonlinetoolkits/modules//templates/0 should presumably be home/david/src/xerteonlinetoolkits/modules/xerte/templates/Nottingham
$dir_path = $xerte_toolkits_site->basic_template_path . $row_framework['template_framework'] . "/templates/" . $parent_template_name;
/**
* Get the id of the folder we are looking to copy into
*/
_debug("Creating new template : {$folder_name_id}, {$parent_template_name}");
$new_path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $parent_template_name;
$path = $xerte_toolkits_site->users_file_area_full . $folder_name_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $parent_template_name;
if (is_dir($path)) {
_debug("Trying to create new template at location - {$path} - it's already in use. Aborting");
die("Template directory already exists; will not overwrite/re-create.");
}
if (mkdir($path)) {
_debug("Created {$path} ok");
if (@chmod($path, 0777)) {
$ok = copy_r($dir_path, $path);
_debug("Copy_r returned " . print_r($ok, true));
return $ok;
} else {
_debug("Failed to set rights ");
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "MAJOR", "Failed to set rights on parent folder for template", "Failed to set rights on parent folder " . $path);
return false;
}
} else {
receive_message($_SESSION['toolkits_logon_username'], "FILE_SYSTEM", "CRITICAL", "Failed to create parent folder for template", "Failed to create parent folder " . $path);
return false;
}
}
/**
*
* Function get user id
* get the user's database ID
* @author Patrick Lockley
* @version 1.0
* @return number - The user's database id
* @copyright Copyright (c) 2008,2009 University of Nottingham
* @package
*/
function get_user_id()
{
global $xerte_toolkits_site;
$row = db_query_one("SELECT login_id FROM {$xerte_toolkits_site->database_table_prefix}logindetails WHERE username = ?", array($_SESSION['toolkits_logon_username']));
if (!empty($row)) {
return $row['login_id'];
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to get users ID", "Failed to get users ID");
}
}
function xerte_session_write($id, $data)
{
global $xerte_toolkits_site;
$access = time();
$response = db_query_one('SELECT * FROM user_sessions WHERE id = ?', array($id));
if (empty($response)) {
db_query_one("INSERT INTO user_sessions VALUES(?,?,?)", array($id, $access, $data));
} else {
db_query("UPDATE user_sessions SET data = ?, access = ? WHERE id = ?", array($data, $access, $id));
}
}
function get_default_engine($template_id)
{
global $xerte_toolkits_site;
$row = db_query_one("SELECT td.extra_flags FROM {$xerte_toolkits_site->database_table_prefix}templatedetails td WHERE td.template_id = ?", array($template_id));
if ($row == false) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to get default template engine", "Failed to get the default template engine");
} else {
$engine = 'javascript';
$extra_flags = explode(";", $row['extra_flags']);
foreach ($extra_flags as $flag) {
$parameter = explode("=", $flag);
switch ($parameter[0]) {
case 'engine':
$engine = $parameter[1];
break;
}
}
return $engine;
}
}
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
*
* folder properties template page, used by the site to display the default panel for the properties page
*
* @author Patrick Lockley
* @version 1.0
* @package
*/
require_once "../../../config.php";
_load_language_file("/website_code/php/folderproperties/folderproperties_template.inc");
include "../url_library.php";
//connect to the database
if (is_numeric($_POST['folder_id'])) {
$database_connect_id = database_connect("Folder name database connect success", "Folder name database connect failed");
$prefix = $xerte_toolkits_site->database_table_prefix;
$query_for_folder_name = "select folder_name from {$prefix}folderdetails where folder_id=?";
$params = array($_POST['folder_id']);
$row_template_name = db_query_one($query_for_folder_name, $params);
echo "<p class=\"header\"><span>" . FOLDER_PROPERTIES_PROPERTIES . "</span></p>";
echo "<p>" . FOLDER_PROPERTIES_CALLED . " " . str_replace("_", " ", $row_template_name['folder_name']) . "</p>";
echo "<p>" . FOLDER_PROPERTIES_CHANGE . "</p>";
echo "<p><form id=\"rename_form\" action=\"javascript:rename_folder('" . $_POST['folder_id'] . "', 'rename_form')\">" . "<input style=\"padding-bottom:5px\" type=\"text\" value=\"" . str_replace("_", " ", $row_template_name['folder_name']) . "\" " . "name=\"newfoldername\" /><button type=\"submit\" class=\"xerte_button\" " . "align=\"top\" style=\"padding-left:5px\">" . FOLDER_PROPERTIES_BUTTON_SAVE . "</button></form>";
}
/**
*
* Function create folder loop
* This function outputs the xerte editor code
* @param array $row_edit - the mysql query for this folder
* @param number $xerte_toolkits_site - a number to make sure that we enter and leave each folder correctly
* @param bool $read_status - a read only flag for this template
* @param number $version_control - a setting to handle the delettion of lock files when the window is closed
* @version 1.0
* @author Patrick Lockley
*/
function output_editor_code($row_edit, $xerte_toolkits_site, $read_status, $version_control)
{
require_once "config.php";
_load_language_file("/modules/xerte/edit.inc");
$row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row_edit['user_id']));
if (empty($row_username)) {
die("Invalid user id ?");
}
/**
* create the preview xml used for editing
*/
$preview = $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/preview.xml";
$data = $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/data.xml";
if (!file_exists($preview) && file_exists($data)) {
copy($data, $preview);
chmod($preview, 0777);
}
/**
* set up the strings used in the flash vars
*/
$string_for_flash_xml = $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/preview.xml";
$string_for_flash_media = $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/media/";
$string_for_flash_xwd = "modules/" . $row_edit['template_framework'] . "/parent_templates/" . $row_edit['template_name'] . "/";
/**
* sort of the screen sies required for the preview window
*/
$temp = explode("~", get_template_screen_size($row_edit['template_name'], $row_edit['template_framework']));
$edit_site_logo = $xerte_toolkits_site->site_logo;
$pos = strrpos($edit_site_logo, '/') + 1;
$edit_site_logo = substr($edit_site_logo, 0, $pos) . "edit_" . substr($edit_site_logo, $pos);
$edit_organisational_logo = $xerte_toolkits_site->organisational_logo;
$pos = strrpos($edit_organisational_logo, '/') + 1;
$edit_organisational_logo = substr($edit_organisational_logo, 0, $pos) . "edit_" . substr($edit_organisational_logo, $pos);
/**
* set up the onunload function used in version control
*/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php
echo XERTE_EDIT_TITLE;
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="website_code/styles/frontpage.css" media="screen" type="text/css" rel="stylesheet" />
<link rel="icon" href="favicon_edit.ico" type="image/x-icon" />
<link rel="shortcut icon" href="favicon_edit.ico" type="image/x-icon" />
<script src="modules/xerte/js/swfobject.js"></script>
<script src="website_code/scripts/opencloseedit.js"></script>
<script src="website_code/scripts/template_management.js"></script>
<script src="website_code/scripts/ajax_management.js"></script>
<script type="text/javascript" language="javascript">
function getSessionID(){
var id;
var auth = '<?php
echo strtolower($xerte_toolkits_site->authentication_method);
?>
';
var browser = (navigator.userAgent.toLowerCase().indexOf('firefox') > -1) ? 'firefox' :
((navigator.userAgent.toLowerCase().indexOf('safari') > -1) ? 'safari' :
'other');
//Pass data to upload (Firefox Flash Cookie Bug) which we are
//It first checks moodle, then defaults
if (auth == 'moodle') {
//Its Moodle integration so we need the whole cookie
return 'BROWSER=' + browser + '&AUTH=moodle&COOKIE=' + escape(document.cookie);
}
else if ((id = document.cookie.match(/PHPSESSID=[^;]+/))) {
// Its Default authentication so we only need session id
return 'BROWSER=' + browser + '&AUTH=xerte&' + id;
}
return null;
}
function setunload(){
window.onbeforeunload = bunload;
}
function hideunload(){
window.onbeforeunload = function(){};
}
window.onbeforeunload = bunload;
function bunload(){
path = "<?php
echo $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/";
?>
";
template = "<?php
echo $row_edit['template_id'];
?>
";
if(typeof window_reference==="undefined"){
window.opener.edit_window_close(path,template);
}else{
window_reference.edit_window_close(path,template);
}
}
function receive_picture(url){
alert(url);
}
</script>
</head>
<body>
<div style="margin:0 auto; width:800px">
<div class="edit_topbar" style="width:800px">
<img src="<?php
echo $edit_site_logo;
?>
" style="margin-left:10px; float:left" />
<img src="<?php
echo $edit_organisational_logo;
?>
" style="margin-right:10px; float:right" />
</div>
</div>
<center>
<div id="flashcontent" style="margin:0 auto">
This text is replaced by the Flash movie.
</div>
</center>
<script type="text/javascript">
var so = new SWFObject("modules/xerte/engine/wizard.swf", "mymovie", "800", "600", "8,0,0,0", "#e0e0e0");
so.addParam("quality", "high");<?php
/**
* set up the flash vars the editor needs.
*/
echo "so.addVariable(\"xmlvariable\", \"{$string_for_flash_xml}\");";
echo "\n";
echo "so.addVariable(\"rlovariable\", \"{$string_for_flash_media}\");";
echo "\n";
echo "so.addVariable(\"languagecodevariable\", \"" . $_SESSION['toolkits_language'] . "\");";
echo "\n";
echo "so.addVariable(\"originalpathvariable\", \"{$string_for_flash_xwd}\");";
echo "\n";
echo "so.addVariable(\"template_id\", \"" . $row_edit['template_id'] . "\");";
echo "\n";
echo "so.addVariable(\"template_height\", \"" . $temp[1] . "\");";
echo "\n";
echo "so.addVariable(\"template_width\", \"" . $temp[0] . "\");";
echo "\n";
echo "so.addVariable(\"read_and_write\", \"" . $read_status . "\");";
echo "\n";
echo "so.addVariable(\"savepath\", \"" . $xerte_toolkits_site->flash_save_path . "\");";
echo "\n";
echo "so.addVariable(\"upload_path\", \"" . $xerte_toolkits_site->flash_upload_path . "\");";
echo "\n";
echo "so.addVariable(\"preview_path\", \"" . $xerte_toolkits_site->flash_preview_check_path . "\");";
echo "\n";
echo "so.addVariable(\"flv_skin\", \"" . $xerte_toolkits_site->flash_flv_skin . "\");";
echo "\n";
echo "so.addVariable(\"site_url\", \"" . $xerte_toolkits_site->site_url . "\");";
echo "\n";
echo "so.addVariable(\"apache\", \"" . $xerte_toolkits_site->apache . "\");";
echo "\n";
echo "so.write(\"flashcontent\");";
echo "\n";
echo "</script></body></html>";
echo "\n";
}
/**
*
* Function output_editor_code
* This function outputs the xerte editor code
* @param array $row_edit - the mysql query for this folder
* @param number $xerte_toolkits_site - a number to make sure that we enter and leave each folder correctly
* @param bool $read_status - a read only flag for this template
* @param number $version_control - a setting to handle the delettion of lock files when the window is closed
* @version 1.0
* @author Patrick Lockley
*/
function output_editor_code($row_edit, $xerte_toolkits_site, $read_status, $version_control)
{
require_once "config.php";
require_once "website_code/php/language_library.php";
_load_language_file("/modules/xerte/edit.inc");
$row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row_edit['user_id']));
if (empty($row_username)) {
die("Invalid user id ?");
}
/**
* create the preview xml used for editing
*/
$preview_filename = "preview.xml";
$rlo_path = $xerte_toolkits_site->users_file_area_full . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'];
$media_path = $rlo_path . "/media/";
$preview = $rlo_path . "/preview.xml";
$data = $rlo_path . "/data.xml";
if (!file_exists($preview) && file_exists($data)) {
copy($data, $preview);
chmod($preview, 0777);
}
$preview_url = $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/" . $preview_filename;
$data_url = $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/data.xml";
$rlo_url = $xerte_toolkits_site->site_url . $xerte_toolkits_site->users_file_area_short . $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'];
$xwd_url = "modules/" . $row_edit['template_framework'] . "/parent_templates/" . $row_edit['template_name'] . "/";
$xwd_path = $xerte_toolkits_site->root_file_path . "/modules/" . $row_edit['template_framework'] . "/parent_templates/" . $row_edit['template_name'] . "/";
if (file_exists($xwd_path . "wizards/" . $_SESSION['toolkits_language'] . "/data.xwd")) {
$xwd_file_url = $xwd_url . "wizards/" . $_SESSION['toolkits_language'] . "/data.xwd";
} else {
if (file_exists($xwd_path . "wizards/en-GB/data.xwd")) {
$xwd_file_url = $xwd_url . "wizards/en-GB/data.xwd";
} else {
if (file_exists($xwd_path . "data.xwd")) {
$xwd_file_url = $xwd_url . "data.xwd";
}
}
}
$module_url = "modules/" . $row_edit['template_framework'] . "/";
$jqgridlangfile = "editor/js/vendor/jqgrid/js/i18n/grid.locale-en.js";
$jqgridlangcode = strtolower($_SESSION['toolkits_language']);
if (file_exists($xerte_toolkits_site->root_file_path . "editor/js/vendor/jqgrid/js/i18n/grid.locale-" . $jqgridlangcode . ".js")) {
$jqgridlangfile = "editor/js/vendor/jqgrid/js/i18n/grid.locale-" . $jqgridlangcode . ".js";
} else {
$jqgridlangcode = substr($jqgridlangcode, 0, 2);
if (file_exists($xerte_toolkits_site->root_file_path . "editor/js/vendor/jqgrid/js/i18n/grid.locale-" . $jqgridlangcode . ".js")) {
$jqgridlangfile = "editor/js/vendor/jqgrid/js/i18n/grid.locale-" . $jqgridlangcode . ".js";
}
}
/**
* build an array of available themes for this template
*/
$theme_folder = $xerte_toolkits_site->root_file_path . "themes/" . $row_edit['template_name'] . "/";
$ThemeList = array();
// Add default theme
$ThemeList[] = array('name' => "default", 'display_name' => "Xerte Online Toolkits", 'description' => "Xerte Online Toolkits", 'preview' => "");
if (file_exists($theme_folder)) {
$d = opendir($theme_folder);
while ($f = readdir($d)) {
if (is_dir($theme_folder . $f)) {
if (file_exists($theme_folder . $f . "/" . $f . ".info")) {
$info = file($theme_folder . $f . "/" . $f . ".info", FILE_SKIP_EMPTY_LINES);
$themeProperties = new StdClass();
foreach ($info as $line) {
$attr_data = explode(":", $line, 2);
if (empty($attr_data) || sizeof($attr_data) != 2) {
continue;
}
switch (trim(strtolower($attr_data[0]))) {
case "name":
$themeProperties->name = trim($attr_data[1]);
break;
case "display name":
$themeProperties->display_name = trim($attr_data[1]);
break;
case "description":
$themeProperties->description = trim($attr_data[1]);
break;
case "enabled":
$themeProperties->enabled = strtolower(trim($attr_data[1]));
break;
case "preview":
$themeProperties->preview = $xerte_toolkits_site->site_url . "themes/" . $row_edit['template_name'] . "/" . $f . "/" . trim($attr_data[1]);
break;
}
}
if (substr($themeProperties->enabled, 0, 1) == "y") {
$ThemeList[] = array('name' => $themeProperties->name, 'display_name' => $themeProperties->display_name, 'description' => $themeProperties->description, 'preview' => $themeProperties->preview);
}
}
}
}
}
/**
* sort of the screen sies required for the preview window
*/
$temp = explode("~", get_template_screen_size($row_edit['template_name'], $row_edit['template_framework']));
//$edit_site_logo = $xerte_toolkits_site->site_logo;
//$pos = strrpos($edit_site_logo, '/') + 1;
//$edit_site_logo = substr($edit_site_logo,0,$pos) . "edit_" . substr($edit_site_logo,$pos);
//$edit_organisational_logo = $xerte_toolkits_site->organisational_logo;
//$pos = strrpos($edit_organisational_logo, '/') + 1;
//$edit_organisational_logo = substr($edit_organisational_logo,0,$pos) . "edit_" . substr($edit_organisational_logo,$pos);
/**
* set up the onunload function used in version control
*/
?>
<!DOCTYPE html>
<html lang="<?php
echo $_SESSION['toolkits_language'];
?>
">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Xerte Online Toolkits Editor</title>
<link rel="stylesheet" href="editor/css/jquery-ui.css">
<link rel="stylesheet" href="editor/js/vendor/themes/default/style.css" />
<link rel="stylesheet" type="text/css" href="website_code/styles/xerte_buttons.css" />
<link rel="stylesheet" type="text/css" href="editor/css/complex.css" />
<link rel="stylesheet" type="text/css" href="editor/js/vendor/featherlight/featherlight.min.css" />
<link rel="stylesheet" type="text/css" href="editor/js/vendor/imgareaselect/imgareaselect-default.css" />
<link rel="stylesheet" type="text/css" href="editor/js/vendor/jqgrid/css/ui.jqgrid.css" />
<link rel="stylesheet" type="text/css" href="editor/js/vendor/ckeditor/plugins/codemirror/css/codemirror.min.css" />
<link rel="stylesheet" type="text/css" href="modules/xerte/parent_templates/Nottingham/common_html5/font-awesome/css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="modules/xerte/parent_templates/Nottingham/common_html5/font-awesome-4.3.0/css/font-awesome.min.css">
<link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
<script src="website_code/scripts/template_management.js"></script>
<!--[if lte IE 7]>
<style type="text/css"> body { font-size: 85%; } </style>
<![endif]-->
</head>
<body>
<img id="loader" src="editor/img/loading16.gif" />
<div class="hide ui-layout-west">
<div class="header"></div>
<div class="content"></div>
<div class="footer"></div>
</div>
<div class="hide ui-layout-east">
<div class="header"><div id="optional_title">Optional parameters</div></div>
<div id="optionalParams" class="content">
<p>...</p>
</div>
<div class="footer"></div>
</div>
<div class="hide ui-layout-north">
<div class="content" id="#header_images">
<?php
if (file_exists($xerte_toolkits_site->root_file_path . "branding/logo_left.png")) {
echo "<img src=\"branding/logo_left.png\" style=\"float:left\" />";
} else {
echo "<img src=\"website_code/images/logo.png\" style=\"float:left\" />";
}
if (file_exists($xerte_toolkits_site->root_file_path . "branding/logo_right.png")) {
echo "<img src=\"branding/logo_right.png\" style=\"float:right\" />";
} else {
echo "<img src=\"website_code/images/apereoLogo.png\" style=\"float:right\" />";
}
?>
</div>
</div>
<div class="hide ui-layout-south">
<div class="header">Options</div>
<div class="content"></div>
</div>
<div id="mainContent" class="hide ui-layout-center pane pane-center ui-layout-pane ui-layout-pane-center">
<div class="header"></div>
<div id="content" class="content">
<div id="mainPanel"></div>
<div id="languagePanel" style="display:none">
<hr>
</div>
<div id="insert_subnodes">
</div>
<div class="nodeInfo" id="info">
</div>
</div>
<div id="main_footer" class="footer">
<div id="checkbox_outer"><table><tr><td id="checkbox_holder"></td></tr></table></div>
</div>
</div>
<div id="shadow" class="dark" class="hide"></div>
<div id="insert_menu" class="hide"></div>
<!-- <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script> -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script>window.jQuery || document.write('<script src="editor/js/vendor/jquery-1.9.1.min.js"><\/script>')</script>
<?php
if (preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || strpos($_SERVER['HTTP_USER_AGENT'], 'Trident/7.0; rv:11.0') !== false) {
?>
<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js"></script>
<?php
} else {
?>
<script type="text/javascript" src="editor/js/vendor/jquery.ui-1.10.4.js"></script>
<?php
}
?>
<script type="text/javascript" src="editor/js/vendor/jquery.layout-1.3.0-rc30.79.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/jquery.ui.touch-punch.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/modernizr-latest.js"></script>
<script type="text/javascript" src="editor/js/vendor/jstree.js"></script>
<!-- <script type="text/javascript" src="https://c328740.ssl.cf1.rackcdn.com/mathjax/latest/MathJax.js?config=TeX-MML-AM_HTMLorMML-full"></script> -->
<script type="text/javascript" src="editor/js/vendor/ckeditor/ckeditor.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/adapters/jquery.js"></script>
<script type="text/javascript" src="editor/js/vendor/jscolor.js"></script>
<script type="text/javascript" src="editor/js/vendor/xml2json.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/featherlight/featherlight.js"></script>
<script type="text/javascript" src="editor/js/vendor/imgareaselect/jquery.imgareaselect.js"></script>
<script type="text/javascript" src="editor/js/vendor/jqgrid/js/jquery-migrate-1.2.1.js"></script>
<script type="text/javascript" src="<?php
echo $jqgridlangfile;
?>
"></script>
<script type="text/javascript" src="editor/js/vendor/jqgrid/js/jquery.jqGrid.min.js"></script>
<!-- load exactly the same codemirror scripts as needed by ckeditor -->
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/codemirror.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/codemirror.addons.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/codemirror.mode.htmlmixed.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/codemirror.mode.javascript.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/beautify.min.js"></script>
<script type="text/javascript" src="editor/js/vendor/ckeditor/plugins/codemirror/js/codemirror.addons.search.min.js"></script>
<script>
<?php
echo "previewxmlurl=\"" . $preview_url . "\";\n";
echo "dataxmlurl=\"" . $data_url . "\";\n";
echo "mediavariable=\"" . $media_path . "\";\n";
echo "rlourlvariable=\"" . $rlo_url . "/\";\n";
echo "rlopathvariable=\"" . $rlo_path . "/\";\n";
echo "languagecodevariable=\"" . $_SESSION['toolkits_language'] . "\";\n";
echo "editorlanguagefile=\"" . getWizardfile($_SESSION['toolkits_language']) . "\";\n";
echo "originalpathvariable=\"" . $xwd_url . "\";\n";
echo "xwd_file_url=\"" . $xwd_file_url . "\";\n";
echo "moduleurlvariable=\"" . $module_url . "\";\n";
echo "template_id=\"" . $row_edit['template_id'] . "\";\n";
echo "template_height=\"" . $temp[1] . "\";\n";
echo "template_width=\"" . $temp[0] . "\";\n";
echo "read_and_write=\"" . $read_status . "\";\n";
echo "savepath=\"" . $xerte_toolkits_site->flash_save_path . "\";\n";
echo "upload_path=\"" . $xerte_toolkits_site->flash_upload_path . "\";\n";
echo "preview_path=\"" . $xerte_toolkits_site->flash_preview_check_path . "\";\n";
echo "site_url=\"" . $xerte_toolkits_site->site_url . "\";\n";
echo "theme_list=" . json_encode($ThemeList) . ";\n";
?>
function bunload(){
path = "<?php
echo $row_edit['template_id'] . "-" . $row_username['username'] . "-" . $row_edit['template_name'] . "/";
?>
";
if(typeof window_reference==="undefined"){
window.opener.edit_window_close(path);
}else{
window_reference.edit_window_close(path);
}
}
</script>
<script type="text/javascript" src="editor/js/data.js"></script>
<script type="text/javascript" src="editor/js/application.js"></script>
<script type="text/javascript" src="editor/js/toolbox.js"></script>
<script type="text/javascript" src="editor/js/language.js"></script>
<script type="text/javascript" src="editor/js/layout.js"></script>
<script type="text/javascript" src="editor/js/tree.js"></script>
</body>
</html>
<?php
}
require_once dirname(__FILE__) . '/library/autoloader.php';
if (!isset($xerte_toolkits_site)) {
// create new generic object to hold all our config stuff in....
$xerte_toolkits_site = new StdClass();
/**
* Access the database to get the variables
*/
if (!is_file(dirname(__FILE__) . '/database.php')) {
header("Location: " . $_SERVER['REQUEST_URI'] . "setup/");
}
require_once dirname(__FILE__) . '/database.php';
require_once dirname(__FILE__) . '/website_code/php/database_library.php';
if (!database_connect("", "")) {
die("database.php isn't correctly configured; cannot connect to database; have you run /setup?");
}
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}sitedetails");
/**
* Access the database to get the variables
* @version 1.0
* @author Patrick Lockley
* @copyright 2008,2009 University of Nottingham
*/
/**
* Include any script that is used for configuration - for moodle this might be e.g. '/xampp/htdocs/moodle/config.php'.
*/
if ($row['integration_config_path'] != "") {
require_once $row['integration_config_path'];
}
unset($row['integration_config_path']);
foreach ($row as $key => $value) {
$xerte_toolkits_site->{$key} = $value;
require $xerte_toolkits_site->php_library_path . "screen_size_library.php";
require $xerte_toolkits_site->php_library_path . "template_status.php";
require $xerte_toolkits_site->php_library_path . "user_library.php";
/*
* Check the ID is numeric
*/
if (isset($_SESSION['toolkits_logon_id'])) {
if (is_numeric($_GET['template_id'])) {
$safe_template_id = (int) $_GET['template_id'];
/*
* Standard query
*/
$query_for_preview_content = "select otd.template_name, ld.username, otd.template_framework, tr.user_id, tr.folder, tr.template_id, td.access_to_whom, td.extra_flags";
$query_for_preview_content .= " from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails otd, " . $xerte_toolkits_site->database_table_prefix . "templaterights tr, " . $xerte_toolkits_site->database_table_prefix . "templatedetails td, " . $xerte_toolkits_site->database_table_prefix . "logindetails ld";
$query_for_preview_content .= " where td.template_type_id = otd.template_type_id and td.creator_id = ld.login_id and tr.template_id = td.template_id and tr.template_id=" . $safe_template_id . " and role='creator'";
$row = db_query_one($query_for_preview_content);
if (!empty($row)) {
// get their username from the db which matches their login_id from the $_SESSION
// ???? This is just the same user as in the previous query, NOT from the session. WHY?
//$row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row['user_id']));
require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview.php";
// is there a matching template?
// if they're an admin or have rights to see the template, then show it.
if (is_user_admin() || has_rights_to_this_template($row['template_id'], $_SESSION['toolkits_logon_id'])) {
show_preview_code($row);
exit(0);
}
}
} else {
echo PREVIEW_RESOURCE_FAIL;
}
die;
}
/*
* Take the query from site variable and alter it to suit this request
*/
$query_for_play_content = "select otd.template_name, ld.username, otd.template_framework, tr.user_id, tr.folder, tr.template_id, td.access_to_whom, td.extra_flags";
$query_for_play_content .= " from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails otd, " . $xerte_toolkits_site->database_table_prefix . "templaterights tr, " . $xerte_toolkits_site->database_table_prefix . "templatedetails td, " . $xerte_toolkits_site->database_table_prefix . "logindetails ld";
$query_for_play_content .= " where td.template_type_id = otd.template_type_id and td.creator_id = ld.login_id and tr.template_id = td.template_id and tr.template_id=" . $safe_template_id . " and role='creator'";
$query_for_play_content_response = mysql_query($query_for_play_content);
$row_play = mysql_fetch_array($query_for_play_content_response);
$query_to_find_out_if_in_recycle_bin = "select folder_name from " . $xerte_toolkits_site->database_table_prefix . "folderdetails where folder_id =\"" . $row_play['folder'] . "\"";
$query_for_recycle_bin_response = mysql_query($query_to_find_out_if_in_recycle_bin);
/*
* Is the file in the recycle bin?
*/
$row_recycle = db_query_one("SELECT folder_name FROM {$xerte_toolkits_site->database_table_prefix}folderdetails WHERE folder_id = ?", array($row_play['folder']));
if ($row_recycle['folder_name'] == "recyclebin") {
echo file_get_contents($xerte_toolkits_site->website_code_path . "error_top") . " " . PLAY_RESOURCE_FAIL . " </div></div></body></html>";
exit(0);
}
require_once $xerte_toolkits_site->php_library_path . "screen_size_library.php";
/*
* Ge show template functions for this 'module' / 'template framework'
*/
require_once $xerte_toolkits_site->root_file_path . "modules/" . $row_play['template_framework'] . "/play.php";
/*
* Fix for NULL number_of_uses
*/
db_query("UPDATE {$xerte_toolkits_site->database_table_prefix}templatedetails SET number_of_uses = 0 WHERE ISNULL(number_of_uses)");
/*
* Start to check the access_to_whom settings from templatedetails for this template
$template_object['requires'] = trim($attr_data[1]);
break;
}
}
if (isset($template_object['requires'])) {
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails where template_framework=?", array($template_object['requires']));
if (isset($row)) {
$continue = true;
} else {
$continue = false;
}
} else {
$continue = true;
}
if ($continue) {
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails where template_framework=? and template_name=?", array($_POST['name'], $template));
if (isset($row)) {
if (is_array($row)) {
db_query("update {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails set display_name=?, description=?, access_rights=?, active=? where template_type_id=?", array($template_object['display_name'], $template_object['description'], $row['template_type_id'], "*", 1));
echo "<p>" . $_POST['name'] . "/" . $template . " " . EXTEND_MODULE_UPDATE . "</p>";
}
} else {
db_query("insert into {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails (template_framework,template_name,display_name,description,date_uploaded,access_rights,active)values(?,?,?,?,?,?,?)", array($_POST['name'], $template, $template_object['display_name'], $template_object['description'], date("Y-m-d", time()), "*", 1));
echo "<p>" . $_POST['name'] . "/" . $template . " " . EXTEND_MODULE_INSTALL . "</p>";
}
} else {
echo "<p>" . $_POST['name'] . "/" . $template . " <span style='color:#f00'>" . EXTEND_MODULE_REQUIRES . "</span> <strong>" . $template_object['requires'] . "</strong></p>";
}
}
}
}
* @package
*/
require_once "../../../config.php";
include "../template_status.php";
include "../screen_size_library.php";
include "../url_library.php";
include "../user_library.php";
include "properties_library.php";
if (is_numeric($_POST['template_id'])) {
$template_id = mysql_real_escape_string($_POST['template_id']);
$engine = mysql_real_escape_string($_POST['engine']);
if ($engine != 'flash' && $engine != 'javascript') {
$engine = 'javascript';
}
// Get extra flags
$row = db_query_one("SELECT td.extra_flags FROM {$xerte_toolkits_site->database_table_prefix}templatedetails td WHERE td.template_id = ?", array($template_id));
$extra_flags = explode(";", $row['extra_flags']);
$found = false;
for ($i = 0; $i < count($extra_flags); $i++) {
$parameter = explode("=", $extra_flags[$i]);
if ($parameter[0] == 'engine') {
$extra_flags[$i] = "engine=" . $engine;
$found = true;
break;
}
}
if (!$found) {
$extra_flags[] = "engine=" . $engine;
}
$db_entry = join(";", $extra_flags);
$query = "update " . $xerte_toolkits_site->database_table_prefix . "templatedetails SET extra_flags =\"" . str_replace(" ", "_", mysql_real_escape_string($db_entry)) . "\" WHERE template_id =\"" . $template_id . "\"";
require_once "../../../config.php";
include "../template_status.php";
include "../url_library.php";
include "../user_library.php";
include "properties_library.php";
if (is_numeric($_POST['template_id'])) {
if (is_user_creator($_POST['template_id']) || is_user_admin()) {
$query_for_rss_status = "select rss from {$xerte_toolkits_site->database_table_prefix}templatesyndication where template_id=?";
$rows = db_query($query_for_rss_status, array($_POST['template_id']));
$status = false;
if (sizeof($rows) == 0) {
$query_to_change_rss_status = "Insert into {$xerte_toolkits_site->database_table_prefix}templatesyndication (template_id,rss,export,description) VALUES (?,?,?,?)";
$status = db_query($query_to_change_rss_status, array($_POST['template_id'], $_POST['rss'], $_POST['export'], $_POST['desc']));
} else {
$query_to_change_rss_status = "update {$xerte_toolkits_site->database_table_prefix}templatesyndication \n set rss=?, export=?, description=? WHERE template_id = ?";
$status = db_query($query_to_change_rss_status, array($_POST['rss'], $_POST['export'], $_POST['desc'], $_POST['template_id']));
}
if ($status === false) {
echo "<p class='error'>Error saving change to template.</p>";
}
if (template_access_settings($_POST['template_id']) == "Public") {
$query_for_name = "select firstname,surname from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?";
$row_name = db_query_one($query_for_name, array($_SESSION['toolkits_logon_id']));
rss_display($xerte_toolkits_site, $_POST['template_id'], true);
} else {
rss_display_public();
}
} else {
rss_display_fail();
}
}
$prefix = $xerte_toolkits_site->database_table_prefix;
ini_set('max_execution_time', 300);
if (is_numeric($_GET['template_id'])) {
$_GET['template_id'] = (int) $_GET['template_id'];
$proceed = false;
if (is_template_exportable($_GET['template_id'])) {
$proceed = true;
} else {
if (is_user_creator($_GET['template_id']) || is_user_admin()) {
$proceed = true;
}
}
if ($proceed) {
$fullArchive = false;
if (isset($_GET['full'])) {
if ($_GET['full'] == "true") {
$fullArchive = true;
}
}
_debug("Full archive: " . $fullArchive);
/*
* Get the file path
*/
$query = "select {$prefix}templatedetails.template_name as zipname, {$prefix}templaterights.template_id, " . "{$prefix}logindetails.username, {$prefix}originaltemplatesdetails.template_name," . "{$prefix}originaltemplatesdetails.template_framework from {$prefix}templaterights, {$prefix}logindetails, " . "{$prefix}originaltemplatesdetails, {$prefix}templatedetails WHERE " . "{$prefix}templatedetails.template_type_id = {$prefix}originaltemplatesdetails.template_type_id and " . "{$prefix}templaterights.template_id = {$prefix}templatedetails.template_id and " . "{$prefix}templatedetails.creator_id = {$prefix}logindetails.login_id and {$prefix}templaterights.template_id= ? AND role= ?";
$params = array($_GET['template_id'], 'creator');
$row = db_query_one($query, $params);
if (file_exists($xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/export.php")) {
require_once $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/export.php";
}
}
}
function upgrade_6()
{
$table = table_by_key('originaltemplatesdetails');
db_query_one("insert into " . $table . " (`template_type_id`,`template_framework`,`template_name`,`description`,`date_uploaded`,`display_name`,`display_id`,`access_rights`,`active`) values (17,'decision','decision','A template for presenting a series of questions to reach a solution to a problem.','2009-01-01','Decision Tree Template',0,'*',1)");
return true;
}
if (!isset($_GET['folder_name'])) {
$query = "select {$xerte_toolkits_site->database_table_prefix}templatedetails.template_id,creator_id,date_created,template_name,description \n FROM {$xerte_toolkits_site->database_table_prefix}templatedetails, {$xerte_toolkits_site->database_table_prefix}templatesyndication \n WHERE {$query_modifier}='true' AND creator_id=? AND {$xerte_toolkits_site->database_table_prefix}templatedetails.template_id = {$xerte_toolkits_site->database_table_prefix}templatesyndication.template_id";
$params[] = $row_create['login_id'];
} else {
$row_folder = db_query_one("SELECT folder_id FROM {$xerte_toolkits_site->database_table_prefix}folderdetails WHERE folder_name = ?", array(str_replace("_", " ", $_GET['folder_name'])));
if (empty($row_folder)) {
die("Invalid folder name");
}
$query = "select * from {$xerte_toolkits_site->database_table_prefix}templaterights, {$xerte_toolkits_site->database_table_prefix}templatedetails, {$xerte_toolkits_site->database_table_prefix}templatesyndication \n WHERE folder = ?\n AND {$xerte_toolkits_site->database_table_prefix}templaterights.template_id = {$xerte_toolkits_site->database_table_prefix}templatedetails.template_id \n AND {$xerte_toolkits_site->database_table_prefix}templatesyndication.template_id = {$xerte_toolkits_site->database_table_prefix}templaterights.template_id and rss = 'true'";
$params[] = $row_folder['folder_id'];
}
}
$rows = db_query($query, $params);
foreach ($rows as $row) {
if (!isset($_GET['username'])) {
$row_creator = db_query_one("SELECT firstname,surname from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row['creator_id']));
$user = $row_creator['firstname'] . " " . $row_creator['surname'];
} else {
// revert back to $_GET['usenrame'] parsed value(s)
$user = $temp_array[0] . " " . $temp_array[1];
}
$action = 'play';
if (isset($_GET['export'])) {
$action = 'export';
}
if (isset($_GET['html5'])) {
$action = 'play_html5';
}
echo "<item>\n <title>" . str_replace("_", " ", $row['template_name']) . "</title>\n <link><![CDATA[" . $xerte_toolkits_site->site_url . url_return($action, $row['template_id']) . "]]></link>\n <description><![CDATA[" . $row['description'] . "<br><br>" . str_replace("_", " ", $row['template_name']) . " " . RSS_DEVELOP . $user . "]]></description>\n <pubDate>" . date(DATE_RSS, strtotime($row['date_created'])) . "</pubDate>\n <guid><![CDATA[" . $xerte_toolkits_site->site_url . url_return($action, $row['template_id']) . "]]></guid>\n </item>\n";
}
echo "\n </channel>\n </rss>";
*/
$prefix = $xerte_toolkits_site->database_table_prefix;
if (is_numeric($_POST['template_id'])) {
if (is_user_creator($_POST['template_id'])) {
if ($_POST['folder_id'] == "workspace") {
$folder_id = get_user_root_folder();
} else {
$folder_id = $_POST['folder_id'];
}
/*
* get the maximum id number from templates, as the id for this template
*/
$maximum_template_id = get_maximum_template_number();
$query_for_template_type_id = "select otd.template_type_id, otd.template_name, otd.template_framework, td.extra_flags FROM " . "{$prefix}originaltemplatesdetails otd, {$prefix}templatedetails td where " . "otd.template_type_id = td.template_type_id AND " . "td.template_id = ? ";
$params = array($_POST['template_id']);
$row_template_type = db_query_one($query_for_template_type_id, $params);
/*
* create the new template record in the database
*/
$query_for_new_template = "INSERT INTO {$prefix}templatedetails " . "(template_id, creator_id, template_type_id, date_created, date_modified, access_to_whom, template_name, extra_flags)" . " VALUES (?,?,?,?,?,?,?,?)";
$params = array($maximum_template_id + 1, $_SESSION['toolkits_logon_id'], $row_template_type['template_type_id'], date('Y-m-d'), date('Y-m-d'), "Private", "Copy of " . $_POST['template_name'], $row_template_type['extra_flags']);
if (db_query($query_for_new_template, $params) !== FALSE) {
$query_for_template_rights = "INSERT INTO {$prefix}templaterights (template_id,user_id,role, folder) VALUES (?,?,?,?)";
$params = array($maximum_template_id + 1, $_SESSION['toolkits_logon_id'], "creator", $folder_id);
if (db_query($query_for_template_rights, $params) !== FALSE) {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "SUCCESS", "Created new template record for the database", $query_for_new_template . " " . $query_for_template_rights);
include $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->module_path . $row_template_type['template_framework'] . "/duplicate_template.php";
duplicate_template($maximum_template_id + 1, $_POST['template_id'], $row_template_type['template_name']);
} else {
receive_message($_SESSION['toolkits_logon_username'], "ADMIN", "CRITICAL", "Failed to create new template record for the database", $query_for_template_rights);
echo "FAILED-" . $_SESSION['toolkits_most_recent_error'];
require_once "../../../config.php";
require "../user_library.php";
if (is_user_admin()) {
$database_id = database_connect("change_owner.php connected", "change_owner.php failed");
$safe_template_id = (int) $_POST['template_id'];
$query_for_play_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query);
$query_for_play_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_play_content_strip);
$row_play = db_query_one($query_for_play_content);
$prefix = $xerte_toolkits_site->database_table_prefix;
$query = "UPDATE {$prefix}templatedetails set creator_id= ? WHERE template_id = ?";
$params = array($_POST['new_user'], $_POST['template_id']);
$ok = db_query($query, $params);
if (!$ok) {
die("Failed to update");
}
$query = "SELECT username FROM {$prefix}logindetails where login_id = ?";
$params = array($_POST['new_user']);
$row_username = db_query_one($query, $params);
$query = "select folder_id from {$prefix}folderdetails where login_id= ? AND folder_name = ?";
$params = array($_POST['new_user'], $row_username['username']);
$row_folder = db_query_one($query, $params);
$query = "UPDATE {$prefix}templaterights SET user_id = ?, folder = ? WHERE template_id = ? AND role = ?";
$params = array($_POST['new_user'], $row_folder['folder_id'], $_POST['template_id'], 'creator');
$ok = db_query($query, $params);
if ($ok) {
echo "Update successful";
} else {
die('database error');
}
rename($xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $row_play['template_id'] . "-" . $row_play['username'] . "-" . $row_play['template_name'] . "/", $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $row_play['template_id'] . "-" . $row_username['username'] . "-" . $row_play['template_name'] . "/");
}
* Check the template ID is a number
*/
if (empty($_GET['template_id']) || !is_numeric($_GET['template_id'])) {
die("Invalid template id");
}
$template_id = (int) $_GET['template_id'];
$query_to_check_peer = "select * from " . $xerte_toolkits_site->database_table_prefix . "additional_sharing where sharing_type=\"peer\" and template_id=\"" . $template_id . "\"";
$query_for_peer_response = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}additional_sharing WHERE sharing_type = ? AND template_id = ?", array('peer', $template_id));
/**
* The number of rows being not equal to 0, indicates peer review has been set up.
*/
if (!empty($query_for_peer_response)) {
$query_for_play_content = "select otd.template_name, ld.username, otd.template_framework, tr.user_id, tr.folder, tr.template_id, td.access_to_whom, td.extra_flags";
$query_for_play_content .= " from " . $xerte_toolkits_site->database_table_prefix . "originaltemplatesdetails otd, " . $xerte_toolkits_site->database_table_prefix . "templaterights tr, " . $xerte_toolkits_site->database_table_prefix . "templatedetails td, " . $xerte_toolkits_site->database_table_prefix . "logindetails ld";
$query_for_play_content .= " where td.template_type_id = otd.template_type_id and td.creator_id = ld.login_id and tr.template_id = td.template_id and tr.template_id=" . $template_id . " and role='creator'";
$row_play = db_query_one($query_for_play_content);
/**
* Peer review needs a password, so check if anything has been posted
*/
require $xerte_toolkits_site->php_library_path . "screen_size_library.php";
require $xerte_toolkits_site->root_file_path . "modules/" . $row_play['template_framework'] . "/peer.php";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
/**
* Check the password againsr the value in the database
*/
$extra = explode(",", $query_for_peer_response['extra'], 2);
$passwd = $extra[0];
if (count($extra) > 1) {
$retouremail = $extra[1];
} else {
$retouremail = $_SESSION['toolkits_logon_username'];
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// Calls the function from the display library
require_once "../../../config.php";
_load_language_file("/website_code/php/properties/media_and_quota_template.inc");
_load_language_file("/website_code/php/properties/sharing_status_template.inc");
_load_language_file("/properties.inc");
require_once "../display_library.php";
require_once "../user_library.php";
require_once "../template_status.php";
require_once "../url_library.php";
require_once "../properties/properties_library.php";
if (empty($_SESSION['toolkits_logon_id'])) {
die("Please login");
}
$info = new stdClass();
$info->properties = project_info($_POST['template_id']);
$info->properties .= media_quota_info($_POST['template_id']);
$info->properties .= access_info($_POST['template_id']);
$info->properties .= sharing_info($_POST['template_id']);
$sql = "SELECT template_id, user_id, firstname, surname, role FROM " . " {$xerte_toolkits_site->database_table_prefix}templaterights, {$xerte_toolkits_site->database_table_prefix}logindetails WHERE " . " {$xerte_toolkits_site->database_table_prefix}logindetails.login_id = {$xerte_toolkits_site->database_table_prefix}templaterights.user_id and template_id= ? and user_id = ?";
$row = db_query_one($sql, array($_POST['template_id'], $_SESSION['toolkits_logon_id']));
$info->role = $row['role'];
echo json_encode($info);
//$info = get_project_info($_POST['template_id']);
//echo $info;
}
/*
* Check the template ID is numeric
*/
if (!isset($_GET['template_id']) || !is_numeric($_GET['template_id'])) {
_debug("Template id is not numeric. ->" . $_GET['template_id']);
dont_show_template();
exit(0);
}
/*
* Find out if this user has rights to the template
*/
$safe_template_id = (int) $_GET['template_id'];
$query_for_edit_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query);
$query_for_edit_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_edit_content_strip);
$row_edit = db_query_one($query_for_edit_content);
if (empty($row_edit)) {
die("Invalid template_id (could not find in DB) (1)");
}
if (isset($_SESSION['toolkits_logon_id'])) {
if (has_rights_to_this_template($safe_template_id, $_SESSION['toolkits_logon_id'])) {
// Check if user is editor (could be read only)
if (is_user_an_editor($safe_template_id, $_SESSION['toolkits_logon_id'])) {
// Check for multiple editors
if (has_template_multiple_editors($safe_template_id)) {
// Check for lock file. A lock file is created to prevent more than one
if (file_exists($xerte_toolkits_site->users_file_area_full . $row_edit['template_id'] . "-" . $row_edit['username'] . "-" . $row_edit['template_name'] . "/lockfile.txt")) {
// Lock file exists, so open it up and see who created it
$lock_file_data = file_get_contents($xerte_toolkits_site->users_file_area_full . $row_edit['template_id'] . "-" . $row_edit['username'] . "-" . $row_edit['template_name'] . "/lockfile.txt");
$temp = explode("*", $lock_file_data);
if (count($temp) == 1) {
if (empty($_SESSION) || !isset($_SESSION['toolkits_logon_id'])) {
die("Session expired; please login again.");
}
_load_language_file("/website_code/php/versioncontrol/template_close.inc");
require '../template_status.php';
$temp_array = explode("-", $_POST['file_path']);
database_connect("template close success", "template close fail");
if (file_exists($xerte_toolkits_site->users_file_area_full . $_POST['file_path'] . "lockfile.txt")) {
/*
* Code to delete the lock file
*/
$lock_file_data = file_get_contents($xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2] . "/lockfile.txt");
$temp = explode("*", $lock_file_data);
$lock_file_creator = $temp[0];
$template_id = explode("-", $_POST['file_path']);
$row_template_name = db_query_one("Select template_name from {$xerte_toolkits_site->database_table_prefix}templatedetails WHERE template_id = ?", array($template_id[0]));
$user_list = $temp[1];
$users = explode(" ", $user_list);
/*
* Email users in the lock file
*/
for ($x = 0; $x != count($users) - 1; $x++) {
mail($users[$x] . "@" . $xerte_toolkits_site->email_add_to_username, "File available - \"" . str_replace("_", " ", $row_template_name['template_name']) . "\"", "Hello, <br><br> You've requested to be informed when the file \"" . str_replace("_", " ", $row_template_name['template_name']) . "\" becomes available for editing. The file was made available at " . date("h:i a") . " on " . date("l, jS F") . " <br><br> Please note that multiple requests may have been made, and as such you may not be the only person to have receive one of these notifications. As such the file may well be locked by somebody else.<br><br> Please log into the site at <a href=\"" . $xerte_toolkits_site->site_url . "\">" . $xerte_toolkits_site->site_url . "</a>. <br><br> Thank you, <br><br> the Xerte Online toolkits team", get_email_headers());
}
unlink($xerte_toolkits_site->users_file_area_full . $_POST['file_path'] . "lockfile.txt");
}
/*
* Code to check to see if we should warn on a publish
*/
if (is_user_an_editor($temp_array[0], $_SESSION['toolkits_logon_id'])) {
$prefix = $xerte_toolkits_site->users_file_area_full . $temp_array[0] . "-" . $temp_array[1] . "-" . $temp_array[2];
require $xerte_toolkits_site->php_library_path . "user_library.php";
/*
* Check the ID is numeric
*/
if (isset($_SESSION['toolkits_logon_id'])) {
if (is_numeric($_GET['template_id'])) {
$safe_template_id = (int) $_GET['template_id'];
// Need to run a proper string replace on any embedded instances of '$xerte_toolkits_site->database_table_prefix' so it's actually expanded.
$query_for_preview_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query);
/*
* Standard query
*/
$query_for_preview_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_preview_content_strip);
$row = db_query_one($query_for_preview_content);
// get their username from the db which matches their login_id from the $_SESSION
$row_username = db_query_one("select username from {$xerte_toolkits_site->database_table_prefix}logindetails where login_id=?", array($row['user_id']));
// is there a matching template?
if (!empty($row)) {
// if they're an admin or have rights to see the template, then show it.
if (is_user_admin() || has_rights_to_this_template($row['template_id'], $_SESSION['toolkits_logon_id'])) {
require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview_site.php";
show_preview_code($row, $row_username);
exit(0);
}
}
} else {
echo PREVIEW_RESOURCE_FAIL;
}
} else {
echo PREVIEW_RESOURCE_FAIL;
}
/**
* add the files to the delete array that are not in use so they can be listed for use in the delete function
*/
array_push($delete_string, $f);
}
$quota += filesize($full);
array_push($result_string, $result);
$result = "";
}
}
}
if (is_numeric($_POST['template_id'])) {
if (has_rights_to_this_template($_POST['template_id'], $_SESSION['toolkits_logon_id']) || is_user_admin()) {
$prefix = $xerte_toolkits_site->database_table_prefix;
$sql = "select {$prefix}originaltemplatesdetails.template_name, {$prefix}templaterights.folder, {$prefix}logindetails.username FROM " . "{$prefix}originaltemplatesdetails, {$prefix}templatedetails, {$prefix}templaterights, {$prefix}logindetails WHERE " . "{$prefix}originaltemplatesdetails.template_type_id = {$prefix}templatedetails.template_type_id AND " . "{$prefix}templaterights.template_id = {$prefix}templatedetails.template_id AND " . "{$prefix}templatedetails.creator_id = {$prefix}logindetails.login_id AND " . "{$prefix}templatedetails.template_id = ? AND role = ? ";
$row_path = db_query_one($sql, array($_POST['template_id'], 'creator'));
$end_of_path = $_POST['template_id'] . "-" . $row_path['username'] . "-" . $row_path['template_name'];
/**
* Set the paths
*/
$dir_path = $xerte_toolkits_site->users_file_area_full . $end_of_path . "/media";
$xmlpath = $xerte_toolkits_site->users_file_area_full . $end_of_path . "/data.xml";
$previewpath = $xerte_toolkits_site->users_file_area_full . $end_of_path . "/preview.xml";
if (file_exists($xerte_toolkits_site->users_file_area_full . $end_of_path . "/preview.xml")) {
$quota = filesize($xerte_toolkits_site->users_file_area_full . $end_of_path . "/data.xml") + filesize($xerte_toolkits_site->users_file_area_full . $end_of_path . "/preview.xml");
}
$d = opendir($dir_path);
media_folder_loop($d);
echo "<p class=\"header\"><span>" . PROPERTIES_TAB_MEDIA . "</span></p>";
echo "<p>" . MEDIA_AND_QUOTA_IMPORT_MEDIA . "</p><form method=\"post\" enctype=\"multipart/form-data\" id=\"importpopup\" name=\"importform\" target=\"upload_iframe\" action=\"website_code/php/import/fileupload.php\" onsubmit=\"javascript:iframe_upload_check_initialise();\"><input name=\"filenameuploaded\" type=\"file\" /><input type=\"hidden\" name=\"mediapath\" value=\"" . $dir_path . "/\" /><br><br><button type=\"submit\" class=\"xerte_button\" name=\"submitBtn\" onsubmit=\"javascript:iframe_check_initialise()\"><i class=\"fa fa-upload\"></i> " . MEDIA_AND_QUOTA_BUTTON_IMPORT . "</button></form><p>" . MEDIA_AND_QUOTA_CLICK_FILENAME . "<br><textarea id=\"linktext\" style=\"width:90%;\" rows=\"3\"></textarea></p>";
echo "<p style=\"margin:0px; padding:0px; margin-left:10px;\" id=\"download_link\"></p>";
public function addUser($username, $firstname, $surname, $passwd)
{
global $xerte_toolkits_site;
// Check if user exists
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}user WHERE username = ?", array($username));
if (!empty($row)) {
return "<li>" . AUTH_DB_USEREXISTS . "</li>";
}
// Insert user
$spassword = $this->_hashAndSalt($username, $passwd);
$query = "insert into {$xerte_toolkits_site->database_table_prefix}user set firstname=?, surname=?, username=?, password=?";
$params = array($firstname, $surname, $username, $spassword);
$res = db_query($query, $params);
if ($res) {
return "";
} else {
return "<li>" . AUTH_DB_USERADDFAILED . "</li>";
}
}
*/
require_once dirname(__FILE__) . "/../../config.php";
if ($_SESSION['toolkits_logon_id'] == "site_administrator") {
// Check for registration table
$x = db_query("select 1 from {$xerte_toolkits_site->database_table_prefix}registration");
if ($x === false) {
// Create the user table
$x = db_query("create table {$xerte_toolkits_site->database_table_prefix}registration ( `uuid` VARCHAR(45) NOT NULL )");
if (empty($x)) {
_debug("Failed: Does the registration table exist?");
die("Failed to create registration table");
} else {
_debug("Succeeded to create registration record!");
}
}
$res = db_query_one("select * from {$xerte_toolkits_site->database_table_prefix}registration");
if ($res == null) {
$uuid = uid();
$params = array($uuid);
$res = db_query("insert {$xerte_toolkits_site->database_table_prefix}registration set uuid=?", $params);
if ($res === false) {
die("Can't create uid record!");
}
} else {
$uuid = $res['uuid'];
}
$version = file($xerte_toolkits_site->root_file_path . "version.txt");
header("Location: http://www.xerte.org.uk/index.php?option=com_chronoforms5&chronoform=XerteRegistrationForm&xot_uid=" . $uuid . "&version=" . urlencode($version[0]) . "&site=" . $xerte_toolkits_site->site_url . "&name=" . $xerte_toolkits_site->site_name);
} else {
die("Permission denied!");
}
$template_object['requires'] = trim($attr_data[1]);
break;
}
}
if (isset($template_object['requires'])) {
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails where template_framework=?", array($template_object['requires']));
if (isset($row)) {
$continue = true;
} else {
$continue = false;
}
} else {
$continue = true;
}
if ($continue) {
$row = db_query_one("SELECT * FROM {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails where template_framework=? and template_name=?", array($folder, $inner_folder));
if (isset($row)) {
if (is_array($row)) {
db_query("update {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails set display_name=?, description=? where template_type_id=?", array($template_object['display_name'], $template_object['description'], $row['template_type_id']));
echo "<p>" . $folder . " / " . $inner_folder . " " . SYNC_UPDATE . "</p>";
}
} else {
db_query("insert into {$xerte_toolkits_site->database_table_prefix}originaltemplatesdetails (template_framework,template_name,display_name,description,date_uploaded)values(?,?,?,?,?)", array($folder, $inner_folder, $template_object['display_name'], $template_object['description'], date("Y-m-d", time())));
echo "<p>" . $folder . " / " . $inner_folder . " " . SYNC_INSTALL . "</p>";
}
} else {
echo "<p>" . $folder . " / " . $inner_folder . " <span style='color:#f00'>" . SYNC_REQUIRES . "</span> <strong>" . $template_object['requires'] . "</strong></p>";
}
}
}
}
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
*
* peer view page, sends the email back to the
*
* @author Patrick Lockley
* @version 1.0
* @package
*/
require_once "../../../config.php";
_load_language_file("/website_code/php/peer/peer_review.inc");
if (empty($_POST['template_id'])) {
die("invalid form submission");
}
$query_for_file_name = "select template_name from {$xerte_toolkits_site->database_table_prefix}templatedetails where template_id =?";
$row_template_name = db_query_one($query_for_file_name, array($_POST['template_id']));
$headers = get_email_headers();
if (isset($_POST['retouremail'])) {
$subject = PEER_REVIEW_FEEDBACK . " - \"" . str_replace("_", " ", $row_template_name['template_name']) . "\"";
$message = PEER_REVIEW_EMAIL_GREETING . " <br><br> " . PEER_REVIEW_EMAIL_INTRO . "<br><br><br>" . $_POST['feedback'] . "<br><br><br>" . PEER_REVIEW_EMAIL_YOURS . "<br><br>" . PEER_REVIEW_EMAIL_SIGNATURE;
if (mail($_POST['retouremail'], $subject, $message, $headers)) {
echo "<b>" . PEER_REVIEW_USER_FEEDBACK . "</b>";
} else {
echo "<b>" . PEER_REVIEW_PROBLEM . ".</b>";
}
}
* @author Patrick Lockley
* @version 1.0
* @package
*/
require_once "../../../config.php";
_load_language_file("/website_code/php/properties/share_this_template.inc");
$prefix = $xerte_toolkits_site->database_table_prefix;
if (is_numeric($_POST['user_id']) && is_numeric($_POST['template_id'])) {
$user_id = $_POST['user_id'];
$tutorial_id = $_POST['template_id'];
$database_id = database_connect("Share this template database connect success", "Share this template database connect success");
/**
* find the user you are sharing with's root folder to add this template to
*/
$query_to_find_out_root_folder = "select folder_id from {$prefix}folderdetails where login_id = ? and folder_parent=? and folder_name!=?";
$params = array($user_id, '0', 'recyclebin');
$row_query_root = db_query_one($query_to_find_out_root_folder, $params);
$query_to_insert_share = "INSERT INTO {$prefix}templaterights (template_id, user_id, role, folder) VALUES (?,?,?,?)";
$params = array($tutorial_id, $user_id, "editor", $row_query_root['folder_id']);
if (db_query($query_to_insert_share, $params)) {
/**
* sort ouf the html to return to the screen
*/
$query_for_name = "select firstname, surname from {$prefix}logindetails WHERE login_id=?";
$params = array($user_id);
$row = db_query_one($query_for_name, $params);
echo SHARING_THIS_FEEDBACK_SUCCESS . " " . $row['firstname'] . " " . $row['surname'] . "<br>";
} else {
echo SHARING_THIS_FEEDBACK_FAIL . " <br>";
}
}
$prefix = $xerte_toolkits_site->database_table_prefix;
$database_id = database_connect("Template sharing rights database connect success", "Template sharing rights database connect failed");
$query_for_currentdetails = "select *,{$prefix}templatedetails.template_name AS actual_name FROM " . "{$prefix}templatedetails, {$prefix}originaltemplatesdetails where " . "template_id= ? AND {$prefix}originaltemplatesdetails.template_type_id = {$prefix}templatedetails.template_type_id";
$params = array($tutorial_id);
$row_currentdetails = db_query_one($query_for_currentdetails, $params);
$new_template_id = get_maximum_template_number() + 1;
$creation_query = "INSERT INTO {$prefix}templatedetails " . "(template_id, creator_id, template_type_id,template_name,date_created,date_modified,date_accessed,number_of_uses,access_to_whom,extra_flags) " . " VALUES (?,?,?,?,?,?,?,?,?,?)";
$params = array($new_template_id, $user_id, $row_currentdetails['template_type_id'], $row_currentdetails['actual_name'], date('Y-m-d'), date('Y-m-d'), date('Y-m-d'), 0, "Private", $row_currentdetails['extra_flags']);
$ok = db_query($creation_query, $params);
$query_for_currentrights = "select * from {$prefix}templaterights where template_id = ?";
$params = array($tutorial_id);
$row_currentrights = db_query_one($query_for_currentdetails, $params);
$query_for_root_folder = "select folder_id from {$prefix}folderdetails where login_id= ? AND folder_name != ? AND folder_parent=0";
$params = array($user_id, 'recyclebin');
$row_folder = db_query_one($query_for_root_folder, $params);
$create_rights_query = "INSERT INTO {$prefix}templaterights (template_id, user_id, role,folder,notes) VALUES (?,?,?,?,?)";
$params = array($new_template_id, $user_id, "creator", $row_folder['folder_id'], '');
db_query($create_rights_query, $params);
$query_for_new_login = "******";
$params = array($user_id);
$row_new_login = db_query_one($query_for_new_login, $params);
$new_directory = $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $new_template_id . "-" . $row_new_login['username'] . "-" . $row_currentdetails['template_name'] . "/";
mkdir($new_directory);
chmod($new_directory, 0777);
mkdir($new_directory . "media/");
chmod($new_directory . "media/", 0777);
$current_directory = $xerte_toolkits_site->root_file_path . $xerte_toolkits_site->users_file_area_short . $tutorial_id . "-" . $_SESSION['toolkits_logon_username'] . "-" . $row_currentdetails['template_name'] . "/";
copy_loop($current_directory, $new_directory);
echo "<div class=\"share_top\"><p class=\"header\"><span>" . GIFT_RESPONSE_INSTRUCTIONS . ".<br><br></span></p><p>" . GIFT_RESPONSE_SUCCESS . " " . $row_new_login['firstname'] . " " . $row_new_login['surname'] . " (" . $row_new_login['username'] . ")</p><form id=\"share_form\"><input name=\"searcharea\" onkeyup=\"javascript:name_select_gift_template()\" type=\"text\" size=\"20\" /></form><div id=\"area2\"><p>" . GIFT_RESPONSE_NAMES . "</p></div><p id=\"area3\"></div>";
}
}
